MCP Manager

Every MCP Server. One Dashboard.

Terse discovers all the MCP servers scattered across your Claude Code, Cursor, and Windsurf configs, risk-scores each one, and lets you enable or disable any server with one click — no JSON editing, ever.

3tools scanned: Claude Code · Cursor · Windsurf
4risk signals per server
1-clickenable / disable
0JSON files opened by hand

Audit Your MCP Attack Surface

MCP servers are third-party code with access to your agent — and they accumulate silently across config files. Terse puts them all in one list, scored.

Terse — MCP Manager · 6 servers found
Scan Complete
filesystemClaude Code · local stdio · 11 toolsLow
githubClaude Code + Cursor · token in configMedium
shell-execCursor · code-execution surfaceHigh
web-searchWindsurf · remote transportMedium
old-scraperClaude Code · unpinned npx · unused 30dHigh
postgresCursor · local stdio · pinned versionLow
🔍

Cross-Config Discovery

Terse scans the MCP configuration of Claude Code, Cursor, and Windsurf — global and project-level — and merges everything into a single inventory. No server hides.

3 tools
🌐

Remote Transport Flag

Servers running over remote transports execute on someone else's machine. Terse flags them so you know which tools ship your requests off-device.

Risk signal
🔑

Embedded Credential Check

API keys and tokens pasted into MCP config files sit in plain text. Terse detects embedded credentials and raises the server's risk score.

Risk signal
💣

Code-Execution Surface

Servers exposing shell or arbitrary-code tools give the agent — and anything that prompt-injects it — direct execution on your machine. Flagged high.

Risk signal
📦

Unpinned Supply Chain

An MCP server launched via unpinned npx or uvx pulls the latest package on every start — a supply-chain attack away from your codebase. Terse flags unpinned servers.

Risk signal
🎚️

One-Click Enable / Disable

Toggle any server off without opening a config file. Terse rewrites the JSON safely and preserves the definition, so re-enabling is the same single click.

No JSON

MCP Servers Aren't Free — They Cost Tokens

Every enabled server injects its tool definitions into the agent's context on every single request, whether you use those tools or not.

The hidden context tax
Tool schemas injected per serverhundreds–thousands of tokens
Sent onevery request
Dead servers you forgot aboutstill injected
Resultcontext bloat on every turn
Terse Doctor's MCP bloat scan finds dead servers, unused tools, and bloated tool prefixes.
What the MCP Manager does about it
Shows which servers your agents actually use — and which have been dead weight for weeks
Disables unused servers in one click, reclaiming their context tokens on every future request
Flags high-risk servers so the sketchy ones get turned off first
Pairs with the budget circuit breaker — leaner context means every turn under your ceiling goes further
Result: smaller context, smaller attack surface, smaller bill

Frequently Asked Questions

Everything about discovering, auditing, and disabling MCP servers.

How do I see all the MCP servers on my machine?
Terse scans the MCP configs of Claude Code, Cursor, and Windsurf and lists every server in one dashboard — name, transport, exposed tools, and which agents load it. Servers configured in multiple tools appear once with all attachment points.
How do I disable an MCP server without editing JSON?
Flip the toggle next to the server. Terse rewrites the underlying config safely and preserves the original definition, so re-enabling is the same single click. You never open a config file by hand.
What makes an MCP server risky?
Four signals: remote transport, embedded credentials in plain-text config, code-execution surface (shell or arbitrary-code tools), and unpinned supply chain (npx/uvx pulling latest on every launch). High-scoring servers are flagged for review.
Do unused MCP servers cost me tokens?
Yes — every enabled server injects its tool schemas into the agent's context on every request. Terse Doctor's MCP bloat scan finds dead servers, unused tools, and bloated tool prefixes; the MCP Manager disables them in one click.
Which tools' MCP configs does Terse discover?
Claude Code, Cursor, and Windsurf — both global and project-level configuration files, managed from the same dashboard.
Does the MCP Manager send my configs to the cloud?
No. Discovery, risk scoring, and config edits all happen on-device. Your MCP configs — including any credentials inside them — never leave your machine.

Also Works With

The MCP Manager covers every agent that loads MCP servers — and Terse monitors the rest of your agent fleet too.

Claude Code — CLI Agent Cursor — AI Editor 🌊Windsurf — Cascade Agent 🛑Budget Circuit Breaker

Know What Your Agents Are Loading

30-day free trial. Scan runs on-device — your configs never leave the machine.

Start Free Trial Calculate Your Savings